We have MVC application using this application we want read AD group created by Service Administrator.
MVC application is register in azure acrive dirctory permission also set for read all group.
but when we IPagedCollection<IGroup> pagedCollection = await client.Groups.ExecuteAsync(); execute this statement
it will throws following exception
"{\"odata.error\":{\"code\":\"Authorization_RequestDenied\",\"message\":{\"lang\":\"en\",\"value\":\"Insufficient privileges to complete the operation.\"},\"requestId\":\"---------\",\"date\":\"2017-01-30T13:46:22\"}}"
Read all group app permission required admin rights so which type of admin rights it is required (account or service)?